Security testing setup that is safe?


I was looking at installing templates for blackarch and kali, but noticed the following warning on each template:

Please keep in mind that using such a template for security and privacy critical tasks is not recommended.

The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities.

Is this essentially just a disclaimer that there is no such thing as 100% safe or is there actually a better model to be following?

Many Thanks.

My understanding has been the disclaimers are warning against doing security or privacy sensitive activities such as banking, accessing personal data, whistleblowing, etc. In other words, they install a bunch of minimally vetted software so they should be used carefully and not for anything sensitive.

Those are pentesting distributions, not secure environments, hence the warning.

1 Like